Hi all I am new here and new to Avast. I just downloaded the Avast AV earlier today and uninstalled my Norton AV. Anyway yesterday I recieved an alert from norton telling me I had a virus it is called the “downloader” it said it could not repair the file etc. After searching about this type of virus I read that it is pretty ugly. I have never came across a virus that my AV program couldnt remove so a friend of mine told me to use AVASt. ok I am running the Avast right now I have gotten LOTS of alerts throughout it saying I have adware and Trojans and lots of them. I am seeing a lot of the trojans are in Win32: and I have moved everything to the chest but am worried that a lot of these files are very important and could mess up my laptop. I do not know what do to once the scan is over and how to fix what was found. So if there is anyone out there that can give me some advice it would be greatly appreciated but please remember i am not familiar with this kind of stuff so please be patient with me.
Hi myimmortalgirl,
First of all, can you confirm that you uninstalled Norton before installing avast!?
‘Win32’ is just a type of malware affecting Windows. The Trojans are likely to be in System32, which is the Windows system file. You are right that important system files reside there, but malware also hides there, so expect to find Trojans etc in that location.
Moving these files to the chest (quarantine) is the right thing to do because in the rare event of a system file being wrongly identified as malware, you have a chance to restore the file and correct any problems.
As you seem to have found a lot of Trojans and Adware, I’m going to recommend some specialist Adware scanners, and then as a double check, some online scans. Multiple scans in this way gives the best chance of catching all the malware on your computer.
First try a boot time scan with avast! Right click the scanner screen, select ‘schedule a boot time scan’ and reboot when requested.
The usual free adware/spyware scanners.
AVG Anti-Spyware Free (Requires Win2k/XP)
Download, install and update the programs. Disconnect from the internet (pull the plug) before running scans in Safe Mode if possible.
Always select the option to quarantine any malware found rather than delete it, then you will be able to restore files or registry entries wrongly identified as malware- a rare but not unknown event for any malware scanner.
Try some online scans. (Disable avast! while scanning.)
When you have finished, scan for out-of-date and insecure software using Secunia Software Inspector and update any vulnerable software: this will help to prevent future infections.
Install SpywareBlaster also to prevent future infections: don’t forget to update every month or so.
Tyvm Free yes I uninstalled the norton anti-virus restarted my computer and then installed avast. One of the alerts i got while scanning for a virus i clicked on repair and it said it couldnt repair so i moved it to the chest area. Is there a list from the scan that I can copy to put on here so you or someone else can take a look at to see if it is malware or whatever. Im actually not sure what malware is. Again thank you for your detailed message. I am going to do all of it step by step tonight and dl the programs i will need right now.
What was the malware name, file name and location of the infected file e.g. (malware name, C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections.
Trojans generally can’t be repaired (either by the VRDB or avast virus cleaner), because the entire content of the file is malware, so it is either move to chest or delete, move to the chest being the best option (first do no harm). When a file is in the chest it can’t do any harm and you can investigate the infected warning.
The VRDB only protects certain files, .exe, dll and other system files, it doesn’t protect data files or all files, it is not a back-up program, so there are going to be many occasions where repair won’t be an option.
Only true virus infection can be repaired, e.g. when a virus infects a file it adds a small part to it, provided that file is one that avast’s VRDB would monitor and you have run the VRDB, then it may be possible to repair the file to its uninfected state.
However, for the most part so called viruses, trojans (adware/spyware/malware, etc.) can’t be repaired because the complete content of the file is malicious.
ok well during the first scan i did select to repair on one of the so called viruses and it said it couldnt then everything else that popped up i just moved it to the chest. Well now i have an even bigger problem then before which i am assuming has to do with the avast boot-scan. when i got up today i turned on my computer and the avast automatically started running the boot-scan then once it was done it tried loading the desktop well as it was trying to do that a blue screen came up saying this… Hardware Malfunction* Call your hardware vendor for support * NMI: parity check/memory parity error *** The system has halted*** So i shut down the computer turned it back on the desktop loads and as soon as i tried signing into my instant messenger the blue screen came up again. So anyone have any advice on this? Has this happend to you after running the avast boot-scan?
avast shouldn’t do an automatic boot-time scan, it has to be scheduled by the user.
When we ask about file names and locations it helps us to help you, without information we are in the dark and simply guessing.
When you get a BSOD (blue screen) there is lots of information on that screen, most importantly a stop error number and anything like the wording which you posted. With this information you can do a google search for the text or the stop error number and see what you get. http://www.google.com/search?q=NMI%3A+parity+check%2Fmemory+parity+error
This is usually seen if you have recently installed new/more RAM.
I can only assume that the BSOD that happened using messenger was the same (as you didn’t give details), if so you may have a bad stick of memory.